- Extract buildVersionShowOutput helper to drop NewShowInstructionExecutor
  back under gocyclo 30.
- Extract resolveInitialHIDs helper to drop GetHIDs back under cyclop 30.
- Robot test: SHOW VERSION EXTENDED is not in the parser grammar; the
  correct form is SHOW EXTENDED VERSION (extended_opt precedes the id).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

The VERSION case added in the WIP MCP work pushed
NewShowInstructionExecutor's cyclomatic complexity over the linter's
ceiling of 30. Extracting only the VERSION case left it at 31 -- still
one over. Pull the INSERT case into its own helper as well to bring
the function back under the limit.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

The Show Version / Show Version Extended tests asserted that stdout
contained \${EXPECTED_SEMVER}, derived from BUILDMAJORVERSION /
BUILDMINORVERSION / BUILDPATCHVERSION. The build pipeline sets these
for the binary but the patch component is the github.run_number, which
changes every build, and the env vars don't propagate consistently into
the robot harness Python step. Result: stdout shows 0.10.444 but the
assertion compares against the 1.1.1 default and fails.

Switch to a generic semver regex (\d+\.\d+\.\d+) that matches any
build's version cell. The column-header checks (version, commit,
build_date, platform) are kept as literal substring checks.

Also fix two SHOW VERSION EXTENDED occurrences in mcp.robot; the parser
grammar is SHOW extended_opt id_or_var, so the correct form is
SHOW EXTENDED VERSION (already fixed in stackql_from_cmd_line.robot).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

- Add BuildInfo interface with getter methods
- Create private buildInfo struct implementing the interface
- Add NewBuildInfo constructor for mutation only at creation
- Maintain backward compatibility with legacy global variables
- Update cmd/root.go init() to use new constructor pattern

Co-authored-by: Jeffrey Aven <jeffreyaven@users.noreply.github.com>

- Replace global variable with thread-safe singleton pattern using sync.Once
- Add missing periods to all comments (godot linter)
- Fix import formatting (goimports)
- Maintain private struct/public interface pattern
- Preserve backward compatibility

Co-authored-by: Jeffrey Aven <jeffreyaven@users.noreply.github.com>

…globals

- Remove singleton pattern with sync.Once variables
- Remove SetDefault/GetDefault functions that used global state
- Add NewBuildInfoFromLegacy() helper for accessing legacy globals
- Maintain private struct/public interface pattern
- Keep only legacy variables with lint suppressions for -ldflags compatibility

Co-authored-by: Jeffrey Aven <jeffreyaven@users.noreply.github.com>

Co-authored-by: Jeffrey Aven <jeffreyaven@users.noreply.github.com>

- buildinfo: drop the legacy package-level globals (BuildMajorVersion,
  ..., SemVersion). Public surface is now BuildInfo interface +
  NewBuildInfo constructor + Init/Get accessor backed by a sync.Once
  singleton, so the struct is private and mutation only happens through
  the constructor.

- cmd/root.go: fold the buildinfo publication into the existing init()
  rather than adding a second one. SemVersion package var is gone;
  rootCmd.Version and the version template are set from buildinfo.Get()
  inside init(), which runs after -ldflags has populated the cmd.Build*
  link-time targets.

- mcpbackend: ServerBuildInfo was a public mutable struct with no serde;
  collapse it to an unexported serverBuildInfo interface constructed via
  newServerBuildInfo(buildinfo.BuildInfo, transport). The backend
  constructors now take a BuildInfo + transport string and build the
  private value internally, so there is no mutation surface outside the
  constructor.

- stackql_context.py / stackql_from_cmd_line.robot: drop the four
  DESCRIBE_METHOD_* shared constants; queries are inlined in the robot
  scenarios per reviewer guidance.

# Conflicts:
#	internal/stackql/cmd/mcp.go
#	internal/stackql/mcpbackend/mcp_reverse_proxy_backend_service.go
#	internal/stackql/mcpbackend/mcp_service_stackql.go
#	pkg/mcp_server/backend.go
#	pkg/mcp_server/dto/dto.go
#	pkg/mcp_server/example_backend.go
#	pkg/mcp_server/server.go
#	test/robot/functional/mcp.robot

docs/mcp.md still documented the renamed/removed tools (query_json_v2,
validate_query_json_v2, exec_query_json_v2, meta_describe_table) in
both the canonical bash invocations and the worked sample-output
section. Rewrite the tool-list table around the current 11 tools + 1
prompt, refresh the bash examples to use the new tool names and the
describe_method four-segment input, add read-only-server invocation,
and slim the trailing sample-output block to one representative
response per tool against the new {rows}/{valid}/{messages,timestamp}
shapes.

Also delete two dead commented-out blocks that survived the refactor:
the TestConfigValidation stub in server_test.go and the
field-by-field validation skeleton inside Config.Validate.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

The new server returns rendered markdown in Content and the typed DTO in
StructuredContent.  CallToolText previously concatenated Content blocks
verbatim, so scripting clients that called json.loads on stdout (every
robot scenario that uses --exec) saw markdown instead of JSON and failed
to parse.

CallToolText now prefers StructuredContent (re-marshalled as compact
JSON), falling back to Content text only when no structured payload is
present.  Tool-level errors (IsError == true) are returned as a Go error
containing the text payload so the CLI exits non-zero with the refusal
message on stderr - which is how the read-only refusal scenarios already
assert behaviour.

The result-shaping logic is extracted to a pure formatToolResult helper
so it can be unit-tested without an HTTP transport.  Five new tests
cover: StructuredContent preferred, text fallback, IsError -> error,
nil result, array-shaped structured content.

Also fix the run_lifecycle_operation positive robot scenario: the
previous EXEC used aws.transfer.servers.stop_server with an embedded
@@JSON='{...}' body whose nested quotes collided with robot's escape
processing and yielded malformed JSON args.  Switch to the simpler
aws.ec2.instances.instances_Start canonical lifecycle EXEC (same
"The operation was despatched successfully" response) with no embedded
JSON body.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

…ssertion

Two real failures surfaced in CI:

1. MCP HTTPS Describe Method Canonical -- describe_method's `shape`
   column carries an inner JSON-encoded string per row, so the wire
   payload contains escaped quotes (\"description\":\"...\").  The
   Parse MCP JSON Output helper interpolated the captured stdout into
   a triple-quoted Python source literal:

       Evaluate    json.loads('''${input}''')    json

   Python then re-interpreted the \" sequences inside the literal,
   yielding malformed JSON that json.loads choked on.  Switch to
   passing the value through Robot's variable namespace ($input) so
   the bytes reach json.loads unchanged.

2. MCP HTTPS Run Lifecycle Operation Canonical -- the scenario asserts
   on key 'messages', but the reverse-proxy backend at port 9004
   returns ExecQuery results from database/sql -> {timestamp,
   rows_affected?, last_insert_id?}.  Only the orchestrator-backed
   primary backend returns {messages, timestamp}.  Both shapes carry
   `timestamp`; relax the assertion to that common floor and document
   the per-backend contract in code comments on both ExecQuery methods.
   The MCP HTTPS Server Exec Query Canonical scenario (which already
   passes against 9004) only asserts `timestamp` for the same reason.

Also add a focused unit test
(TestFormatToolResult_EmbeddedJSONStringInValueRoundtripsCleanly) that
proves the client formatter's output round-trips through json.Unmarshal
when a structured value contains a JSON-encoded string -- the strict-
mode equivalent of what Robot does after the helper fix.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>